Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

The request contains two IP address: 1 of the client and 1 append for cloudflare

satyr
Nimbostratus
Nimbostratus

Hello

 

When my VS is invoked from Cloudflare, the header contains two ip addresses. I have identified that the first ip address of the header corresponds to the user that connects and the second ip address correspond to Cloudflare

¿Is it possible to insert only the ip address of the connecting user and remove the ip address from Cloudflare?

 

0691T00000CqdTJQAZ.png

8 REPLIES 8

Hi satyr,

Cloudflare has another header you could use, see the article for True-Client-IP header:

Understanding the True-Client-IP Header

Enable this header and try to update your iRule like this:

when HTTP_REQUEST {
    HTTP::header insert X-Forwarded-For [HTTP::header value "True-Client-IP"]
}

Let us know if this has solved your issue.

KR

Daniel

Hello Daniel

 

Thanks for read my question

 

Let me do the test and I would confirm if the result was successful

 

Hello Daniel

 

The problem persists, 2 ip's are seen and the page does not load at the application level

 

Is there another device involved that could modify the X-Forwarded-For header? Either between Cloudflare and BIG-IP or BIG-IP and application server?

 

KR

Daniel

Does your application traffic flow is like given below ? -

 

Client --> CloudFlare --> F5 vServer --> Backend servers

 

If yes, then xff settings enabled under http profile mapped on the vServer is adding CF IP in the header. The original client IP in the header is added by CF itself. In this case, disabling xff settings under F5 http profile should help you. But this change/setting will be applicable for all the application urls which are on that vServer.

satyr
Nimbostratus
Nimbostratus

Hello Mayur

 

Thanks for read my question.

 

In this moment the traffic flow is: Cloudflare-->F5 Virtual Server-->Backen Servers

satyr
Nimbostratus
Nimbostratus

Hello Daniel

 

In this moment the traffic flow is: Cloudflare-->F5 Virtual Server--> Backend Servers

 

In the backend servers (httpd.conf archive), I have the following line to capture the remote ip address

 

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common

  SetEnvIf X-Forwarded-For "^.\..\..\.." forwarded

Hallo Satyr,

 

you should add a log statement to the iRule or do a tcpdump in order to monitor whether the True-Client-IP Header contains two IP addresses or if the second IP is added by something else to the XFF header.

 

KR

Daniel